Development of Safe and Secure Systems
- Prof. Dr. Alexander Dworschak
- Christian Wenzel-Benner
The module introduces the pitfalls of software and hardware development (and of their interaction) in the context of systems that must be both safe against accidents and secure against malicious tampering.
Students know the typical causes of errors and security issues in software and know how to avoid them. The value of ISO standards is understood with respect to a concrete programming language, as are the subtle but dramatic issues that can afflict software that does not adhere to the relevant standards. Students are capable of solving a safe/secure development challenge on hardware prone to failure and attack, and can explain and defend their solution to the other course participants.
- Introduction: damage caused by software errors, hacked computers, vehicles and industrial plants, and the difference between safety and security
- The idea behind efficient compiled programming languages
- Typical issues of compiled programming languages
- Successful attacks in the past
- How to prevent typical problems by adhering to coding standards
- How to protect data in electronic memories (e.g. RAM) and on digital communication lines
- Tools that support these activities
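The outline names typical issues of compiled languages and their prevention through coding standards without showing one. The following C block is an added illustration, not part of the module description or its course material: it places two classic defects that the CERT C Coding Standard addresses, an unbounded string copy (rule STR31-C) and unchecked integer wraparound/overflow (rules INT30-C and INT32-C), beside compliant versions. The `struct record` and the function names are invented for the example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { NAME_MAX = 16 };   /* illustrative fixed-size field */

struct record {           /* illustrative type, not from the course */
    char name[NAME_MAX];
    uint32_t id;
};

/* "Before": violates CERT STR31-C. strcpy copies until it finds a NUL, so any
   src longer than NAME_MAX-1 bytes overwrites id and whatever follows the
   struct. Kept only for contrast; never pass it attacker-controlled input. */
static void record_set_name_unsafe(struct record *r, const char *src)
{
    strcpy(r->name, src);
}

/* "After": STR31-C compliant. Uses memchr (standard C) to look for the NUL
   inside the NAME_MAX bytes it is allowed to read; rejects anything that does
   not fit including its terminator and leaves *r untouched in that case. */
static bool record_set_name(struct record *r, const char *src)
{
    const char *nul = memchr(src, '\0', NAME_MAX);
    if (nul == NULL)
        return false;                  /* no terminator within the budget */
    memcpy(r->name, src, (size_t)(nul - src) + 1);
    return true;
}

/* INT30-C: unsigned multiplication wraps silently, so count * elem_size for an
   allocation size must be checked before it is used. Returns false on wrap. */
static bool checked_mul_size(size_t count, size_t elem_size, size_t *out)
{
    if (elem_size != 0 && count > SIZE_MAX / elem_size)
        return false;
    *out = count * elem_size;
    return true;
}

/* INT32-C: signed overflow is undefined behaviour in ISO C, so a compiler may
   assume it never happens and delete an after-the-fact "if (sum < a)" test.
   The check must therefore happen before the addition. */
static bool checked_add_int(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *out = a + b;
    return true;
}
```

The two compliant functions report failure to the caller instead of silently truncating or wrapping; in a safety-critical system that return value is what lets the caller enter a defined error state rather than continue with corrupted data.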
Seminar-style teaching (seminaristischer Unterricht), 2 SWS (weekly contact hours); laboratory practical (Praktikum), 2 SWS
Examination prerequisite: Regular attendance (at least 80% of the time)
Examination: Successful completion of the development challenge as a team and an individual short test on key points.
- Steve Maguire: Writing Solid Code
- Robert C. Seacord: Secure Coding in C and C++
- ISO/IEC 9899:1999: Programming languages – C
- Robert C. Seacord: The CERT C Coding Standard
- Armin Biere et al.: Digitaltechnik — Eine praxisnahe Einführung, Springer
- Klaus Wüst: Mikroprozessortechnik, Vieweg+Teubner